Threat Intelligence Driven Incident Response

Threat intelligence is a core component of any Incident Response engagement or SOC investigation. While threat intel comes in many forms, shapes, and sizes—when used properly—it adds critical context that enables quick and accurate investigation decisions. If you understand the different types of threat intelligence used across your organization, your team can respond quickly to threats, and prioritize a detection strategy to stop future attackers.

In this session, Tim will share:
1. Key types of threat intelligence
2. How each type should be used effectively
3. Recycling: translating investigations into detections

Security isn't just about boundaries and defenses. Maintenance, especially in the form of patching, mitigation and threat reduction, is often just as important as a solid set of firewall rules for reducing an attacker's ability to compromise your systems or networks.

For most security departments, this maintenance comes in the form of a vulnerability management program. Typically, these include patching, scanning, testing, and mitigation; when they're done properly, they can prevent incidents before they happen. Vulnerability management is the key to a strong security program in any enterprise, but it's also a lot of work.

In this webcast, we'll talk about why most security teams need vulnerability management, who to work with to get it done, and strategies to reduce the workload.

Vulnerability Management should be at the core of every Information Security program (it’s CIS Control #3) and yet it is often one of the most misunderstood elements. Requiring strong leadership and many foundational elements to be successful, programs often topple because the legs of the table we have built are not sturdy enough to hold the weight of our scanning tools and the data these tools produce.

Join Rapid7’s Brian Carey for a discussion on some of the more common reasons Vulnerability Management programs fail, and more importantly what we can all do to ensure that doesn’t happen.

Web applications have vulnerabilities—period, full stop. Most “AppSec” efforts focus on creating more secure applications, or attempt to deploy network appliances to protect those in production. The rapid growth of DevOps, microservices, and cloud deployments has made it more essential to secure apps before they get to production, and security software vendors seem to be introducing new, shiny solutions every month. But where do you start? What approach should you take?

Security teams today understand the need to invest across threat prevention, detection, and incident response. But with strained teams, siloed technologies, and ever-looming compliance audits, where do you start?

Join us for a special session with Justin and Alan, who will share prioritization guidance from working with hundreds of security teams, as well as key findings from an all-new Rapid7 Threat Report. We’ll cover:

1. How teams are bringing automation to their vulnerability management program
2. How to prioritize prevention across your modern network, from remote workers to cloud environments
3. Top alerts & attacker trends, based on findings from Rapid7’s 24/7 Managed Detection and Response service
4. Using the MITRE ATT&CK framework to assess your current detection capabilities

The biggest challenge that security analytics addresses is the volume and diversity of information that can be analyzed at a given point to assist security professionals in detecting, responding to and mitigating cyber threats. But how do you leverage that data to implement security best practices?

InsightIDR is a single solution that provides visibility across your traditional on-premise environment, but also extends monitoring to your remote endpoints and cloud services. Join us to learn how InsightIDR provides visibility into your network and highlight useful metrics to implement security best practices.

In this webcast, we will discuss:

1. How to make security analytics more consumable
2. The data sources you need to collect and analyze
3. How InsightIDR leverages pre-built analytics to detect top attack vectors

The game of Chess originated in India around the 6th century AD. Its purpose was believed to be developing battle strategies, which is exactly what we do in cyber security. Chess helps improve mental abilities such as problem solving, critical thinking, pattern recognition, planning ahead, focus and concentration. This is the same mindset we strive for as IT professionals, specifically in vulnerability management. The vulnerability management goal is easy. It’s the surrounding problems, patterns and planning that make it difficult.

In this webinar, we will discuss thinking strategically about your vulnerability management program as a chess game. Our expert speaker, Nadean Tanner, will share actionable advice for building your vulnerability management program.

When it comes to hiring and retention, your employer brand is huge. It’s your company’s value proposition combined with overall reputation that prospective and current employees use to evaluate whether or not your company is the right place to work. Employers need to meet high expectations and find innovative ways to communicate their culture to these audiences.

In this panel webinar, HR leaders from Glassdoor, Sapling, Rapid7, and Culture Amp will discuss how to leverage your employer brand to attract and retain top talent. Expert panelists from high-performance, hyper-growth organizations will answer your questions and share their practical experience, starting with how to ensure that your company values act as a rallying force for each team member in your company.

The conversation will also cover these key aspects of building a powerful employer brand:

- The best employee perks to boost your employer brand
- How to define and showcase your employer value proposition
- How to use your organization’s core beliefs as a rallying force for attracting and retaining your top talent

With the ever-changing threat environment and increasing prevalence of data breaches, today’s CISOs face a daunting task of securing their organization from a variety of threats. But, with so many priorities and a finite budget, it can sometimes feel like an impossible task to decide where to focus. So, what does 2019 have in store for cybersecurity and what are CISOs’ top priorities?

Join Rapid7 and our panel of expert CISOs for our 2019 predictions. Some of the topics our panel will cover include:

1. What are the top cybersecurity predictions for 2019?
2. How will CISOs’ priorities change in 2019? What will become new areas of focus and what will decrease in priority?
3. How will CISOs’ investments change in 2019? What areas of cybersecurity do they see receiving more funding?
4. Actionable insights for how to improve your organization’s cybersecurity strategy in 2019

Wondering what the top threats are for 2019? Join Rapid7 experts for a discussion of the top threats our team is tracking for the new year. Through extensive research and the engagements of our managed detection and response team, Bob Rudis and Michelle Martinez will share their research to help you protect your organization in the new year.

Some of the topics our experts will cover include:
1. The most prevalent threats we are tracking for 2019
2. Top cybersecurity incidents of 2018 and how we expect those to impact 2019
3. Key takeaways to help you put our research into practice at your organization

Wondering how your peers are solving some of today’s most common incident detection and response challenges? Struggling to implement a security orchestration and automation strategy that can complement your SIEM?

Join a group of Rapid7 customers as they discuss how they have built their incident detection and response programs to combat today’s most prevalent cybersecurity threats. No matter where you are in your cybersecurity journey, our panel of experts will be able to guide you to security success.

1. How they have built their incident detection and response programs with Rapid7
2. Today’s modern threat landscape and the most common threats they are facing
3. Metrics from detection and response programs that are most important to share with executive staff

Considering adding 24/7 SOC coverage to your incident detection and response programs? Experiencing challenges with operating your existing SOC? Simply adding a SOC to your portfolio without adequate preparation is going to result in poor performance in threat detection, high turnover in valuable resources, and a general underperformance of a heavy financial investment.

In order to get the most from your investment, SOC analysts require full visibility through the right technology, a well-defined mission, team structure, and leadership; most importantly, the SOC must augment existing high-performance security programs.

Join Wade Woolwine, Director of Rapid7’s MDR service and SOC, to learn some of the key considerations that should be in place before hiring your first SOC analyst.

Today’s security and IT teams are struggling to keep up. The digital landscape is constantly changing and between disparate, unintegrated systems and repetitive, manual processes, security teams are having a difficult time getting ahead. There are too many alerts, not enough time to investigate them all, and staff are on the verge of burnout.

1. Key considerations that should be in place before implementing automation
2. When is the right time to add automation (and when it isn’t)
3. Which common security tasks are ideal to automate
4. How to prepare your organization for SOAR

In this webcast, Justin Buchanan and Eric Sun will walk you through specific ways you can apply automation, both in vulnerability management and threat detection and response. If you’re on the fence between investing in more staff, automation technology, or managed services, we’ll provide you with what to consider to be ready for current and future threats.

Rapid7 (NASDAQ:RPD) powers the practice of SecOps by delivering shared visibility, analytics, and automation that unites security, IT, and DevOps teams. The Rapid7 Insight platform empowers these teams to jointly manage and reduce risk, detect and contain attackers, and analyze and optimize operations. Rapid7 technology, services, and research drive vulnerability management, application security, incident detection and response, and log management for more than 7,000 organizations across more than 120 countries, including 52% of the Fortune 100.